We have unix server and windows AD server in my system , I would like the unix user to login the unix server by use the windows userid / password ( authenticate unix against windows AD ) , I have setup a Kerberos in unix server and now it can authenticate windows AD user/password , the command that I use in is "kinit userid@domain.com" , the windows AD can authenticate the password , I think I have partly setup the kerberos .

Now , the unix user telnet to the unix server , it still use the userid/password in local server ( unix server ) . If I want all the telnet authentication via the windows AD ( use the windows AD userid/password ) , could advise what can I do ? thx.

Read them, there's a few concepts, you need pam plugins I guess for ssh / telnet authentication, I haven't actually done this my self. If you configure the workstations right you can just login from the normal prompt and it will auth against AD